Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

After trying to get SAML single sign-on to work with Azure AD I can't login anymore

Tom Horton
Tom Horton April 6, 2020

I was trying to configure Azure AD and Atlassian cloud for SAML single sign-on and I thought it configured correctly. But I may have configured two tenants.

When I try to login as an Atlassian administrator I get the following error:

Request Id: daa2afe1-b25c-458f-8def-de39110a0300

Correlation Id: 534761d7-b271-4245-b857-a2fcdfda7877

Timestamp: 2020-04-07T00:25:32Z

Message: AADSTS700016: Application with identifier 'https://auth.atlassian.com/saml/ceffa91e-a55e-4ab4-b185-60119714b336' was not found in the directory 'c8a43e29-f09d-477a-8567-335b11f6596a'. This can happen if the application has not been installed by the administrator of the tenant or consented to by any user in the tenant. You may have sent your authentication request to the wrong tenant.

I can't login to Support to request help, so I'm hoping a support person in the community will help me out. I need to get this resolved as soon as possible since none of our users can login.

Thanks!

Answer
Watch
Like Be the first to like this
7146 views

7 answers

1 accepted

0 votes
Answer accepted
Dave Meyer
Dave Meyer
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
April 7, 2020

Hi @Tom Horton ,

Please contact Atlassian support directly, we can help get SSO disabled temporarily while we help you diagnose what went wrong. https://support.atlassian.com/contact/#/

View More Comments
Tom Horton
Tom Horton April 7, 2020

I can't submit a tech support request because I can't log into the portal to create one. I called the California office and left a voicemail for tech support an hour ago, but no call back yet. Is there a more direct way to get support in disabling SSO? 

Like
Dave Meyer
Dave Meyer
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
April 7, 2020

You should be able to use the account that you're currently using for Atlassian Community to create a request, we should be able to get the request associated with your existing account.

Like
Tom Horton
Tom Horton April 7, 2020

My loginID for the Atlassian Community is the same email address that is used for my company's Atlassian account. So when I click on https://support.atlassian.com/contact/#/ I'm prompted for my email address and I get the SSO error and can't login to create a request.

Is there another way to submit a support request using my Atlassian Community account?

Like
Daniel Eads
Daniel Eads
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
April 7, 2020

Hi Tom,

We've opened a request for you directly - you should have received an email just a moment ago with the case details. Although it seems that you're not able to log in currently due to the SAML misconfiguration, you should be able to interact with the support request over email.

Thanks
Daniel | Atlassian Support

Like Tom Horton likes this
PL Backup Account
PL Backup Account April 23, 2020

Hello,

 

I just encountered the same issue as Tom above.

 

 

Request Id: f754459e-6c9d-43b7-8bd7-2b10c13d2300
Correlation Id: d3d5e7f5-b151-4fb7-985c-debe7fea9dfe
Timestamp: 2020-04-23T15:56:14Z
Message: AADSTS700016: Application with identifier 'https://auth.atlassian.com/saml/f2cf43c8-d0ef-4426-a112-ab3664221dc6' was not found in the directory 'b063e3ea-b036-4592-8de4-67f7b977b037'. This can happen if the application has not been installed by the administrator of the tenant or consented to by any user in the tenant. You may have sent your authentication request to the wrong tenant.

 

Could you give me a hint how to proceed?

 

Thanks!

 

Peter

Like
Daniel Eads
Daniel Eads
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
April 28, 2020

Hey Peter,

I can see you've opened a case in our support system as well - thanks! For this type of error, our internal support team is best suited to assist as they ensure the right accounts have administrator access in your Cloud site to make the appropriate SAML changes. They'll have you sorted soon!

Cheers,
Daniel

Like
Reply
1 vote
James
James August 18, 2020

Same here, answer was to take the tenant id that appears in the login error, append it to https://auth.atlassian.com/saml/<<tenant id>> and put that in the Basic SAML Configuration \ Identifier (Entity ID) field.  And for the 'Reply URL', to append it to https://auth.atlassian.com/login/callback?connection=saml/<<tenant id>>

View More Comments
Kristof Huygen
Kristof Huygen September 24, 2020

Thank you, this worked and saved my night!

Like Kyle Maguire likes this
Kyle Maguire
Kyle Maguire
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
January 21, 2024

James your a hero, this saved my weekend!

Like
Reply
1 vote
Tom Horton
Tom Horton May 6, 2020

The main advice I can give on how to avoid this error is to make sure you add an administrator account to JIRA that is from a different domain BEFORE you make any changes to enable single sign-on. The JIRA documentation mentions this, but it's not very prominent. 

I didn't, so when I mistakenly added another tenant and locked myself out, I couldn't log in and remove the bad tenant to restore my access.

To make it even worse, I couldn't submit a support ticket online because I couldn't log in to my Atlassian account to submit it. I had to call the support number and leave a voicemail.

Lesson learned.

View More Comments
Surpreet_Singh
Surpreet_Singh May 6, 2020

Thanks Tom!

Much appreciated. I have the same issue. I'll contact their support teams and see how I go :)

Like
Reply
0 votes
Chad Barczuk
Chad Barczuk January 31, 2022

I have also ran into this issue and have opened a support ticket under my personal account. Need to get SSO disabled. Any chance this can be escalated?

View More Comments
Daniel Eads
Daniel Eads
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
January 31, 2022

Hi @Chad Barczuk , welcome to the Community! 

It looks like the support case you opened was already at a high priority. I'm glad that the support team was able to get you back in to your account quickly!

Cheers,
Daniel

Like
Reply
0 votes
John Heap
John Heap January 25, 2022

oh dear...

I've also landed with this problem with our corporate account.

Support ticket raised via my personal Atlassian account, fingers cross the support team can turn off SSO so I can get back in a resolved the underlying problem - other than my inability to follow instructions....

View More Comments
Daniel Eads
Daniel Eads
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
January 25, 2022

Hi @John Heap , welcome to the Community and thanks for the note. I've increased the priority on your support case based on your note that you're currently locked out. Our support team should be in touch shortly.

Like
Reply
0 votes
Chris Gregory
Chris Gregory June 15, 2020

Ok - so I have to ended up in this loop!  I cannot log a ticket as cannot sign in but do have access here.

 

How do I proceed?

View More Comments
Tom Horton
Tom Horton June 15, 2020

I had to call the closest Atlassian office and leave a voicemail message with their support department. Here is the list of phone numbers, at the bottom of the webpage:

https://www.atlassian.com/company/contact

Like
Chris Gregory
Chris Gregory June 16, 2020

Managed to identify the issue in that somehow the incorrect entity ID had been populated in Azure, despite using the automated process... odd

 

All working now

Like
Reply
0 votes
Surpreet_Singh
Surpreet_Singh April 30, 2020

Hi All, 

Came accross the same issue on another cloudsite I've configured. Is there a KB article I can follow?

 

Thanks in advance. 

View More Comments
PL Backup Account
PL Backup Account May 6, 2020

Hi,

 

I directly contacted the Atlassian Cloud support.

The first step to obtain access again is to add a new User with from another Domain to your Atlassian cloud system. With the new user it is possible to fix the settings.
(At which step I'm right now)
I'm not quiet sure if this can be done on yourself.

Here I'd also recommend to go directly for the Atlassian Cloud Support.

 

BR

 Peter

Like
Reply

Suggest an answer

Log in or Sign up to answer
Identity Manager
Atlassian Access
TAGS
AUG Leaders

Atlassian Community Events

    See all events